Skills
.Work. You
Rest

secure-code-review

Official

Strengthen security through expert code reviews.

Software Engineering#DAST#SAST#OWASP Top 10#secure-review#CodeQL#SonarCloud
AuthorHack23
Version1.0.0
Installs0

System Documentation

What problem does it solve?

This Skill provides a structured approach for performing security code reviews to identify vulnerabilities before they reach production, reducing risk across codebases.

Core Features & Use Cases

  • OWASP Top 10 & secure SDLC alignment: guidance to apply checklists during PR reviews and security audits.
  • SAST/DAST integration guidance: practical steps to incorporate tools like CodeQL and SonarCloud into the review process.
  • Threat modeling & secure design: prompts to consider data flows, authentication, and data protection during feature changes.
  • Use Case: before merging a critical feature, run the security review and document findings in PR, with mitigation tasks.

Quick Start

Initiate a security code review on a pull request using the recommended CodeQL and SonarCloud checks, and summarize findings in the PR.

Dependency Matrix

Required Modules

None required

Components

Standard package

💻 Claude Code Installation

Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.

Please help me install this Skill:
Name: secure-code-review
Download link: https://github.com/Hack23/cia/archive/main.zip#secure-code-review

Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
View Source Repository

Agent Skills Search Helper

Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.